Northrop Grumman Online Privacy Notice
Northrop Grumman Site Visitor's Privacy Notice
Effective March 10, 2025
Last Updated March 10, 2025
We at Northrop Grumman (“we”, “us”, “our”, “Northrop Grumman”) recognize and respect the importance of your privacy. This Privacy Notice(“Notice”) supplements the Northrop Grumman Privacy Notice published on its website and describes the information practices of the data controller to whose facility you are visiting. A Site Visitor is any individual who visits any Northrop Grumman or its affiliate locations around the world.
Information We Maintain
As part of your visit, we may collect the following categories of Personal Information from you:
- Contact Information, including name, email address, phone number, company name, company address
- Identifying Information, including national origin, citizenship, date of birth, place of birth, gender, military and veteran status
- Government Identification Information, including Social Security number, federal tax ID number, driver’s license number, passport number, state identification card number
- Visit Information, including reason for your visit, name of your host, the security classification of your meeting, special access needs, vehicle registration information
- Security Clearance Information
- Log-in Credentials, including username, password, time and date of login
Of the Personal Information collected, we may collect the following categories of sensitive Personal Information about you:
- Government Identification Information, including Social Security number, federal tax ID number, driver’s license number, passport number, state identification card number
- Log-in Credentials, including username, password, time and date of login
How We Use the Information About You
We may use the above categories of Personal Information and Sensitive Personal Information for certain business and/or commercial purposes, including as described in the below table.
|
Purposes |
Categories of Personal Information |
Legal Basis |
|
To manage your visit to our facilities, including identity validation and security-related clearances for classified or sensitive meetings |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Security Clearance Information |
Necessary for our legitimate interests |
|
To manage network access and access to export-controlled data or technology |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
Necessary for our legitimate interests |
|
To conduct background checks where necessary, during which your information may be compared against government lists of individuals and organizations subject to governmental sanctions |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Security Clearance Information |
Necessary for our legitimate interests |
|
To operate, evaluate and improve our business (including developing new products and services; enhancing and improving our products and services; managing our communications; analyzing our products, services and communications; and performing accounting, auditing other internal functions) |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
Necessary for our legitimate interests |
|
To protect against, identify and prevent cybersecurity and other security events, espionage, fraud and other unlawful activity, claims and other liabilities; and prosecuting those responsible |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
Necessary for our legitimate interests |
|
To comply with Northrop Grumman policies |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; |
Necessary for our legitimate interests |
|
To comply with and enforce applicable legal requirements, contractual obligations, relevant industry standards |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials;Security Clearance Information |
Necessary for us to comply with a legal obligation |
|
To respond to law enforcement requests |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
Necessary for us to comply with a legal obligation |
|
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us is among the assets transferred |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
Necessary for our legitimate interests |
We may use your information in other ways for which we provide specific notice at the time of collection.
We also may obtain information indirectly from you when you visit one of our Sites, such as when our security cameras capture your image.
Where we process Personal Information regarded as “special” in certain jurisdictions, we only process the Personal Information where necessary for the purpose of carrying out obligations in the field of employment and social security and social protection law. Where we wish to rely on consent for that processing, we will seek your explicit consent in writing and you have the right to withdraw your consent to that processing at any time. For a list of relevant service providers, please contact us using one of the means identified in the “How To Contact Us” section below
Prior Collection, Use and Disclosure of Personal Information
We may have collected and used your Personal Information, as described in “Information We Collect” and “How We Use the Information We Collect” sections above, during the 12-month period prior to the effective date of this Notice.
For Personal Information collected during such timeframe, we describe below:
- the categories of sources from which we may have obtained the Personal Information,
- the categories of Personal Information we may have disclosed for a business purpose and the categories of recipients to whom we may have disclosed such information, and
- the categories of Personal Information we may have sold or shared to a third party, if any.
Sources of Personal Information
We may have obtained Personal Information about you from various sources, including as described below.
|
Categories of Sources of Data Collection |
Categories of Personal Information |
|
Directly from you (such as when you provide identifiers to gain access to one of our facilities) |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Our subsidiaries |
Contact Information; Identifying Information; Government Identification Information; Visit Information |
|
Vendors who provide services on our behalf |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Our customers and business partners (such as subcontractors and suppliers) |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Government agencies, law enforcement, courts and regulators |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Cybersecurity information sharing resources |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials |
|
Social networking services |
Contact Information; Identifying Information; Visit Information; Education Information |
|
Public databases |
Contact Information; Identifying Information; Visit Information; Education Information |
Disclosure of Personal Information for a Business Purpose
We may have disclosed certain categories of Personal Information to certain categories of recipients for a business purpose, including as described below.
|
Categories of Recipients |
Categories of Personal Information |
|
Our subsidiaries |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Vendors who provide services on our behalf |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; ; Security Clearance Information |
|
Our customers and business partners (such as subcontractors and suppliers) |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Participants in cyber security information resources (when related to a cyber threat indicator) |
Contact Information; Identifying Information; Government Identification Information; Visit Information |
|
Government agencies, law enforcement, courts and regulators |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
|
Other parties in the event of a corporate transaction, such as an acquisition |
Contact Information; Identifying Information; Government Identification Information; Visit Information; Log-in Credentials; Security Clearance Information |
Visitor Personal Information is handled strictly on a need-to-know basis and only used for the identified purposes above. Your Personal Information may be accessible by our customers if required, and shared with our service providers or affiliates for the following activities:
|
Service Providers |
Location |
|
Denied Party Screening |
United States of America |
|
Security Information Management Systems |
United States of America/United Kingdom |
For a list of relevant service providers, please contact us using one of the means identified in the “How To Contact Us” section below.
Sale or Sharing of Personal Information
We do not sell your Personal Information to third parties in exchange for monetary or other consideration, nor do we share your Personal Information with third parties for cross‐context behavioral advertising.
Your Rights and Choices
Please refer to the “Your Rights and Choices” section of the Northrop Grumman Privacy Notice for an explanation of the rights and choices you have under applicable laws regarding your personal information.
Data Transfers
Please refer to the “Data Transfers” section of the Northrop Grumman Privacy Notice for information related to the cross-border transfer of personal information to regions other than the region in which the information was collected/obtained.
How We Protect Personal Information
Please refer to the “How We Protect Personal Information” section of the Northrop Grumman Privacy Notice for a description of the measures we undertake to protect your personal information.
Data Retention
Please refer to the “Data Retention” section of the Northrop Grumman Privacy Notice for more information on how long your data may be kept.
Links To Other Websites
Please refer to the “Links To Other Websites” section of the Northrop Grumman Privacy Notice for more information.
Updates To Our Notice
Please refer to the “Updates To Our Notice” section of the Northrop Grumman Privacy Notice for more information.
How To Contact Us
Please refer to the “How To Contact Us” section of the Northrop Grumman Privacy Notice for more information.
Subsidiaries/Affiliates
Please refer to the “Subsidiaries/Affiliates” section of the Northrop Grumman Privacy Notice for more information.